LEGAL

// WHO WE ARE

ShouldIBack ("we", "us", "our") is an independent AI-powered Kickstarter campaign analysis tool. We are not affiliated with Kickstarter PBC. Our service is available at shouldiback.com.

Questions about this policy? Contact us at shouldiback.com/contact.

// DATA WE COLLECT

Account data: When you sign in, we collect your email address via Supabase Auth (magic link / OTP). We do not collect passwords.

Payment data: If you upgrade to Pro, billing is handled by Stripe. We store only your Stripe customer ID and subscription status — never your full card details.

Usage data: We store campaign analyses you run (Kickstarter URLs, AI-generated results) linked to your account. This lets us show you your analysis history.

UTM / referral data: If you arrive via a referral link or marketing URL, we store the source, medium, and campaign parameters to understand how people find us.

Contact form: Name, email, and message content submitted via our contact form.

// HOW WE USE YOUR DATA

• To authenticate you and manage your account
• To process Pro subscription payments via Stripe
• To store and display your past campaign analyses
• To send transactional emails (magic links, receipts, trial reminders) via AWS SES
• To understand how users find and use our product (analytics)
• To respond to contact form submissions

We do not sell your data. We do not use your data for advertising.

// THIRD-PARTY SERVICES

We use the following third-party services to operate ShouldIBack:

• Supabase — database and authentication (EU/US data centers)
• Stripe — payment processing
• AWS SES — transactional email delivery
• Google Gemini / OpenAI — AI analysis (campaign data is sent to these APIs; no personal data is included in AI prompts)

Each provider has their own privacy policy and data processing terms.

// COOKIES

We use minimal, functional cookies only:

• Auth session cookie — keeps you logged in (required)
• UTM cookie — stores referral source for 30 days (functional)
• Referral cookie — tracks referral codes (functional)

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

// DATA RETENTION

We retain your account data for as long as your account is active. Campaign analyses are retained indefinitely to support your history. If you delete your account, your personal data is removed within 30 days. Contact us to request deletion.

// YOUR RIGHTS

You have the right to access, correct, or delete your personal data at any time. To exercise these rights, contact us via the contact form. If you are in the EU/EEA, you also have rights under GDPR including data portability and the right to lodge a complaint with your supervisory authority.

// CHANGES TO THIS POLICY

We may update this policy as our service evolves. Material changes will be communicated via email. Continued use of ShouldIBack after changes constitutes acceptance.